









CSIA 135 Final 150 Final Examination Questions With Verified And Complete Answers
Typology: Exams
rainbow - ✔✔ Which type of attack is based on the cryptanalytic time-memory trade-off technique?
Warchalking - ✔✔ Which wireless hacking technique involves placing a special symbol on a sidewalk or another surface to indicate a nearby wireless network that offers Internet access?
netcat - ✔✔ What Linux command uses TCP or UDP to read and write disk data across the network?
creating a bit-stream disk-to-image file - ✔✔ What is the most common method forensic investigators use to acquire digital evidence?
WRITEPART - ✔✔ Which DriveSpy command is used to restore an image of a partition?
WipeOut fast - ✔✔ Which LinkMASSter-2 option provides a quick non-DoD method of sanitizing a drive of all previously stored data?
dd - ✔✔ Which Linux command can make a disk-to-disk or disk-to-image copy?
CRC-32 hashing - ✔✔ Which feature of MASSter Solo-3 ensures data integrity?
sparse data copy - ✔✔ Which of the following is a copy that an investigator makes of only part of a large set of data in which only the data pertinent to the investigation is included?
DriveLook - ✔✔ Which of the following is a data duplication software tool that provides access to remote drives through serial cables or TCP/IP?
LinkMASSter-2 - ✔✔ Which of the following is a hardware tool that acquires data from a laptop or desktop by imaging a suspect's hard drive through the computer's USB or FireWire ports?
remove the "deleted" flag from the file - ✔✔ If a file has been removed from the Recycle Bin, what must you do to restore it?
/bin/rm - ✔✔ In Linux, which command deletes files without physically removing the file from the disk?
diskpart - ✔✔ In Windows, what command can you use to delete a partition?
C:\RECYCLED - ✔✔ On a FAT or NTFS drive, where are deleted files stored?
SID - ✔✔ Recycled files on the NTFS system are categorized into directory names based on which of the following?
copy /recycled /newrecycled - ✔✔ What command should a user run before deleting the recycled folder in Windows?
Active@ Disk Image - ✔✔ Which tool contains the unique feature of being able to open disk images and preview files and folders inside, before image restoration?
Scaven - ✔✔ Which tool was designed to perform unattended multisession searches through large hard drives?
lossless - ✔✔ Which type of data compression technique is used with GIF images?
Indexed color - ✔✔ Which type of image scale contains the colors in RGB, but only the colors used by the image?
Vector images - ✔✔ Which type of images use geometrical shapes and primitives, such as points, lines, curves, and polygons, based upon mathematical equations, in order to represent images in a computer?
event - ✔✔ Logging on and logging off of a computer are examples of which of the following?
the event log header - ✔✔ What do you find in the first 48 bytes of an event log?
handle - ✔✔ What numeric identifier is simply a shorthand way of referring to an object?
Log Parser - ✔✔ What tool should you use if you want to query the System event log?
Kerberos - ✔✔ Which Windows authentication mechanism relies on a system of access tickets that are issued by computers designated as ticket-granting authorities?
System - ✔✔ Which event log should you examine to view events created by Service Control Manager?
DHCP - ✔✔ Which network service assigns a client machine an IP address upon request?
XML - ✔✔ Which standard is a general-purpose specification for markup programming languages?
/etc/inittab - ✔✔ During the Linux boot sequence, which file controls initialization?
uname -a - ✔✔ What command should you run to see the computer name and Linux version?
loading the kernel - ✔✔ What is the first step in the bootup sequence for Linux?
crash - ✔✔ What should an investigator use to extract artifacts from a memory sample?
dd - ✔✔ Which Linux command copies data from an input file or device to an output file or device and can be used to make an image of a hard disk?
md5sum - ✔✔ Which Linux command is used to calculate a hash value for a given file?
FSM - ✔✔ What tool might an investigator use to measure the wireless field's strength?
manipulation - ✔✔ What type of MITM attack would use ARP poisoning?
dictionary search - ✔✔ Which of the following is a method used by password crackers to discover passwords?
Wardriving - ✔✔ Which technique do hackers use to locate insecure wireless networks while driving around?
Aireplay - ✔✔ Which tool attempts to confuse the connected wireless devices by sending deauthentication packets?
Brutus - ✔✔ Which tool builds 60 connections at a time and can find passwords for HTTP, POP3, FTP, and Telnet servers?
Distributed Network Attack (DNA) - ✔✔ Which tool utilizes the unused processing power of multiple machines across the network to decrypt passwords?
Warning banner - ✔✔ Before signing on to a system, what does a user usually read that describes the user's responsibilities while using the system?
Chain of custody - ✔✔ In a forensic investigation, what documents the evidence-gathering process and includes the history and possession of a sample from the time of its collection to its final disposition?
arp - ✔✔ What command displays the mappings between different layers of the network architecture?
DriveSpy - ✔✔ What disk-forensic tool creates direct disk-to-disk forensic duplicates and can copy a range of sectors within or between drives?
Search warrant - ✔✔ What is a written order issued by a judge that directs a law enforcement officer to search for a particular piece of evidence at a particular location?
Time-frame analysis - ✔✔ What process can contribute to associating events that occurred on a computer with a particular individual?
Slack space - ✔✔ What represents the space that exists between the end of the file and the end of the last cluster used by that file?
Incident - ✔✔ What term defines an event that threatens the security of a computer system or network in an organization?
Best practices - ✔✔ What term is defined as an empirically proven set of methods for performing a task in the best and most efficient way?
first responder - ✔✔ Which term refers to a person who first arrives at a crime scene and accesses the victim's computer system once the incident has been reported?
Subversion - ✔✔ In what type of incident might the perpetrator modify Web links so that whenever anyone uses one of the links, they are redirected to an unrelated Web address?
Repudiation - ✔✔ In which type of incident does a person or program, acting on behalf of another person, perform an invalid action?
reconnaissance - ✔✔ To which type of attack are DSL and cable modems more exposed due to the connections usually being open?
extortion - ✔✔ What type of incident forces the victim to pay money to the attacker by threatening to reveal information that could lead to a severe loss for the victim?
detecting intrusions - ✔✔ Which incident-prevention strategy might involve the review of Internet Security and Acceleration (ISA) Server logs?
Incident management - ✔✔ Which of the following involves not only responding to incidents but also triggering alerts to prevent potential risks and threats?
CSIRT - ✔✔ Which of the following is a service organization that is responsible for receiving, reviewing, and responding to computer security incident reports and activities?
misuse of computer peripherals - ✔✔ Which of the following is an example of a low-level incident?
defense-in-depth - ✔✔ Which of the following is another term for a multilayered defense strategy?
spoliation - ✔✔ What is the legal term used for the destruction or concealment of evidence?
information system security manager (ISSM) - ✔✔ Which response handling role prepares and maintains a disaster recovery plan for information resources?
Metadata - ✔✔ What component of a file is information about the file, including the creator of the file and time and date stamps for when the file was created and last modified?
examination plan - ✔✔ What document, prepared by an attorney, contains expected questions and relevant answers, and guides the investigator?
PDF - ✔✔ What is the standard format for reports submitted electronically to the court?
Signature - ✔✔ What type of analysis can notify the investigator if a user has renamed a file with an extension that doesn't match the file's type?
Testimonial - ✔✔ What type of evidence is oral evidence, presented by a competent eyewitness to the incident, that is relevant and material to the case?
investigative report - ✔✔ What type of report provides detailed information on the complete forensic investigation process?
SATA - ✔✔ Which disk interface provides a serial point-to-point channel between the motherboard and the drive?
daemon - ✔✔ In Linux, what type of commands are restarted when they end, so they will run continuously as long as the system is in run level 5?
EFS - ✔✔ Which file system feature stores the files in an encrypted form on NTFS to ensure the confidentiality of data?
3 - ✔✔ In the Linux OS, what run level provides full multiuser text mode?
FAT32 - ✔✔ SD cards usually come preformatted with what file system?
boot sequence - ✔✔ What can be described as the set of steps a computer system takes after it has been powered on?
USB flash drive - ✔✔ What is a NAND-type flash memory data storage device that is also known as a thumb drive?
iTunes - ✔✔ What is the digital media player application most commonly used to interact with an iPod?
boot sector - ✔✔ What is the first sector of a disk that is capable of starting an operating system?
POST - ✔✔ What is the first set of instructions performed by the CPU after power on?
DVD-R - ✔✔ What type of media is recordable and non-rewriteable that stores data in the form of small pits and bumps?
NVRAM - ✔✔ What type of memory retains its information even when the computer is turned off because it is connected to a battery source?
flash memory - ✔✔ What type of storage is solid-state and comes in formats such as SD, CF, and xD?
CMOS - ✔✔ Where are the system date, time, and setup parameters stored?
BOOTMGR - ✔✔ Which component of the Windows 7 boot process reads the Boot Configuration Data file?
master boot record - ✔✔ Which of the following contains code to locate the active partition?
iPod - ✔✔ Which of the following is a class of digital audio players that store data on a hard drive or flash memory?
CompactFlash - ✔✔ Which of the following is a solid-state electronic flash memory data storage device?
Booting - ✔✔ Which of the following is the process of loading an operating system into a computer's main memory?
Magnetic tape - ✔✔ Which of the following media consists of a thin plastic strip with a coating of a fine magnetic material?
Blu-ray - ✔✔ Which optical media was patented by Sony and can store up to 50 GB of data?
port - ✔✔ Which of the following is a logical connection that allows data to be sent from an application on one computer to an application on another computer?
as hash values - ✔✔ How does Windows store passwords?
IIS log, cs(User-Agent) - ✔✔ If you wanted to find out what type of browser was used to access a Windows Web server, where would you look and what would you look for?